Yii Framework Forum: Create Custom Role - Yii Framework Forum


Create Custom Role: Create custom role and create access rules for that custom role

#1 vrushank, posted 27 November 2012 - 02:37 AM

I am pretty new to Yii and also to the Yii forum.

I am stuck on creating a new role and creating access rules for the new role. I would be very grateful if anyone can help me out.

Let me give my app scenario. I have two tables named account & user. I can't change any field in the database as it's given by the client, and he has implemented this db at another place.

Account Table
I have one field account_type defining two roles:
1. "Customer Support" - Super admin
2. "Standard User" - Admin / user [Decided from user table]

User Table
I have one field is_admin defining two roles:
1. "Admin" - if Y then from the account table standard user is an admin.
2. "User" - if N then from the account table standard user is a normal user.

So, finally it comes to three roles:
1. "Customer Support"
2. "Admin"
3. "User"

For different roles I have to allow & restrict access to different locations in my application.

UserIdentity.php
public function authenticate()
{
    $email = strtolower($this->username);
    // Bind the submitted value as query parameters instead of interpolating it into the SQL.
    $Users = User::model()->find(
        'LOWER(login_id)=:login OR LOWER(email)=:email',
        array(':login' => $email, ':email' => $email)
    );

    if ($Users === null)
        $this->errorCode = self::ERROR_USERNAME_INVALID;
    else if (!$this->validatePassword($Users->password_doubled_hash))
        $this->errorCode = self::ERROR_PASSWORD_INVALID;
    else
    {
        Yii::app()->user->setState('name', $Users->name);

        // Derive one of the three roles from account.account_type and user.is_admin.
        if ($Users->account->account_type == "Customer Support")
        {
            Yii::app()->user->setState('user_type', $Users->account->account_type);
        }
        else
        {
            if ($Users->is_admin == 'Y')
            {
                Yii::app()->user->setState('user_type', 'Admin');
            }
            else
            {
                Yii::app()->user->setState('user_type', 'User');
            }
        }
        $this->errorCode = self::ERROR_NONE;
    }
    return $this->errorCode == self::ERROR_NONE;
}


indexController
public function accessRules()
{
    return array(
        array('allow', // actions open to all users
            'actions'=>array('login','forgotPassword','error'),
            'users'=>array('*'),
        ),
        array('allow', // intended for the "Customer Support" role
            'actions'=>array('index','logout','error'),
            'users'=>array('Customer Support'),
        ),
        array('allow', // intended for the "Admin" role
            'actions'=>array('index','logout','error'),
            'users'=>array('Admin'),
        ),
        array('allow', // intended for the "User" role
            'actions'=>array('index','logout','error'),
            'users'=>array('User'),
        ),
        array('deny', // deny all users
            'users'=>array('*'),
        ),
    );
}


I am not able to access the logout action if I log in using any of the roles defined earlier.

How can I create custom roles for the three roles defined earlier & access rules for the same?

I know the following method,
$auth=Yii::app()->authManager;

$bizRule='return !Yii::app()->user->isGuest;';
$auth->createRole('authenticated', 'authenticated user', $bizRule);
 
$bizRule='return Yii::app()->user->isGuest;';
$auth->createRole('guest', 'guest user', $bizRule);

$role = $auth->createRole('admin', 'administrator');
$auth->assign('admin',1); // adding admin to first user created


But in the above method the admin role is assigned to only one user, whose id is 1.
I don't want to be specific. I have to assign the admin role to whoever is an admin in my application.
The above is the static method and I want it to be dynamic.

Hopefully I have explained my problem clearly and with all details.

I am sorry if I have posted my question in the wrong place.

I am in need of urgent action for the above problem. Hopefully someone comes with the right solution.

Thanks in advance.

#2 Rajith R, posted 27 November 2012 - 04:01 AM

Use yii user + rights modules
Rajith Ramachandran,
Wiwo inc.

#3 Rajith R, posted 27 November 2012 - 05:07 AM

Check out the wiki

#4 vrushank, posted 27 November 2012 - 05:41 AM

I am aware of the suggestions provided by Rajith.

I want to know what can be done in my situation.

Anyone?

#5 Chris Backhouse, posted 04 April 2013 - 04:20 AM

Hi

I know this is a bit old so I presume that you have already found a solution ...

It looks to me as though you could extend the CWebUser class to define your roles isAdmin, isUser, isSupport and then you can easily define your rules using those.

The differentiation between UserIdentity and WebUser being that UserIdentity is meant to establish that the user is who he claims to be and WebUser is used to define/hold business required information about the user (authenticated or not).

public function accessRules()
{
    return array(
        array('allow', // actions open to all users, including logout
            'actions'=>array('login','forgotPassword','error','logout'),
            'users'=>array('*'),
        ),
        array('allow', // Customer Support
            'actions'=>array('index','error'),
            'expression'=>'Yii::app()->user->isSupport()',
        ),
        array('allow', // Admin
            'actions'=>array('index','error'),
            'expression'=>'Yii::app()->user->isAdmin()',
        ),
        array('allow', // User
            'actions'=>array('index','error'),
            'expression'=>'Yii::app()->user->isUser()',
        ),
        array('deny', // deny all users
            'users'=>array('*'),
        ),
    );
}


I've added logout to the All users category as I couldn't understand why you would need to define it on each user level
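
The WebUser class suggested in the post above, as an added example that is not part of the original post or of Yii itself. In a Yii 1 access rule, `users` is matched against user names (plus `*`, `?` and `@`), not against role labels, which is why an `expression` rule calling these methods is used instead. The file name, the `hasType()` helper and the constants are assumptions, and the role is read from the `user_type` state that the question's authenticate() stores.

```php
<?php
// Added example: protected/components/WebUser.php (hypothetical file name).
// Stand-in so the file also runs outside Yii; inside a Yii 1.1 application the
// real CWebUser is already loaded and this stub is skipped.
if (!class_exists('CWebUser')) {
    class CWebUser
    {
        private $_state = array();

        public function getState($key, $default = null)
        {
            return isset($this->_state[$key]) ? $this->_state[$key] : $default;
        }

        public function setState($key, $value, $default = null)
        {
            $this->_state[$key] = $value;
        }
    }
}

class WebUser extends CWebUser
{
    // Role labels exactly as authenticate() stores them in 'user_type'.
    const SUPPORT = 'Customer Support';
    const ADMIN   = 'Admin';
    const USER    = 'User';

    // Strict comparison: a guest has no 'user_type' (null) and matches no role.
    private function hasType($type)
    {
        return $this->getState('user_type') === $type;
    }

    public function isSupport() { return $this->hasType(self::SUPPORT); }
    public function isAdmin()   { return $this->hasType(self::ADMIN); }
    public function isUser()    { return $this->hasType(self::USER); }
}

// Constructed check, executed only when this file is run directly from the CLI.
if (PHP_SAPI === 'cli' && realpath($_SERVER['SCRIPT_FILENAME']) === __FILE__) {
    $u = new WebUser();
    var_dump($u->isAdmin());                  // guest: no user_type set yet
    $u->setState('user_type', 'Admin');       // what authenticate() would store
    var_dump($u->isAdmin(), $u->isSupport());
}
```

To use it, set `'class'=>'WebUser'` on the `user` component in the application config. Because the role is read from session state written at login, a change to is_admin or account_type in the database only takes effect at the user's next login.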

#6 sandinosaso, posted 04 May 2014 - 12:59 AM

Have you tried making an OR expression involving all the 3 like this:


array('allow',
    'actions'=>array('index','error'),
    'expression'=>'Yii::app()->user->isUser() or Yii::app()->user->isSupport() or Yii::app()->user->isAdmin()',
),
